Expert Comments

Experts Reaction On Fake TikTok links Injected With Malware

Expert(s): Security Experts
Expert(s): Security Experts

The Maharashtra Cyber Police warned citizens not to click on Tiktok links as they may contain malware aimed at capturing user data. An official told PTI that the department had found that fraudsters were creating fake Tiktok Pro links to snare people who want to download the video-sharing device that is now banned in the country along with several other Chinese apps. He said online fraudsters were sending links through WhatsApp and text messages to trap gullible netizens.

Experts Comments

July 09, 2020
Christoph Hebeisen
Director, Security Intelligence Research
Lookout
When legitimate, popular channels to acquire a popular app are blocked for whatever reason, it presents an opportunity for malicious actors to lure victims by promising a way around the restriction. We have seen similar attempts to entice users to install malware in connection with the distribution of Fortnite for Android outside of Google Play as well as the geographically staggered release of PokemonGo. The removal of the TikTok app from both Google Play and the Apple App Store in India has.....Read More
When legitimate, popular channels to acquire a popular app are blocked for whatever reason, it presents an opportunity for malicious actors to lure victims by promising a way around the restriction. We have seen similar attempts to entice users to install malware in connection with the distribution of Fortnite for Android outside of Google Play as well as the geographically staggered release of PokemonGo. The removal of the TikTok app from both Google Play and the Apple App Store in India has created a similar situation. Users should limit their risk by only installing apps from the official app stores and using mobile security as an added layer of protection.  Read Less
July 09, 2020
Chris Hauk
Consumer Privacy Champion
Pixel Privacy
Phishing attacks like the fake TikTok link incidents in Maharashtra will continue to prove to be fruitful for the bad guys until users are educated on the risks of clicking links in text messages, WhatsApp messages, and emails. When users are looking to download apps like TikTok they will find that legitimate sources of the apps will not ask for personal or financial information before allowing them to download a free app. As for myself, I would also be concerned as to what TikTok does with my .....Read More
Phishing attacks like the fake TikTok link incidents in Maharashtra will continue to prove to be fruitful for the bad guys until users are educated on the risks of clicking links in text messages, WhatsApp messages, and emails. When users are looking to download apps like TikTok they will find that legitimate sources of the apps will not ask for personal or financial information before allowing them to download a free app. As for myself, I would also be concerned as to what TikTok does with my data after I install the app, as it has been found to spy on the clipboard on iOS devices.  Read Less
July 09, 2020
Paul Bischoff
Privacy Advocate
Comparitech
This is a variation of a very common attack in which attackers lure victims into clicking on links that seem legitimate, but in fact lead to phishing pages or malware downloads. Because TikTok is popular, many people will click on links without a second thought. Remember: never click on links in unsolicited messages.

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

Comment: Contactless Limit Of £100 Is Logical But A Huge...

Cyberattack Response Takes Over 2 Days, Industry Survey Reports

Comment: New Group Can Breach Organisation, Steal Sensitive Data Without...

Quest-owned Fertility Clinic Announces Data Breach After August Ransomware Attack

On Hackers ‘Password Spraying’ Office 365 Accounts

Patch Tuesday Addresses 74 CVEs | Commentary

MysterySnail RAT Uses MSoft Zero-day – 3 Experts Comment

University Of Sunderland Hit With Major Cyber Attack

You Should Update Your iPhone Right Now

Weir Group Suffers Ransomware Attack – Security Expert Comments

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy